openEuler 20.03 LTS update for tmux



Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2020-27347
CWE-ID CWE-787
Exploitation vector Local
Public exploit N/A
Vulnerable software
 openEuler
Operating systems & Components / Operating system

tmux-debuginfo
Operating systems & Components / Operating system package or component

tmux-debugsource
Operating systems & Components / Operating system package or component

tmux-help
Operating systems & Components / Operating system package or component

tmux
Operating systems & Components / Operating system package or component

Vendor openEuler

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Out-of-bounds write

EUVDB-ID: #VU48517

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-27347

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local authenticated user to execute arbitrary code.

In tmux before version 3.1c the function input_csi_dispatch_sgr_colon() in file input.c contained a stack-based buffer-overflow that can be exploited by terminal output.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 20.03 LTS

tmux-debuginfo: before 2.9a-2

tmux-debugsource: before 2.9a-2

tmux-help: before 2.9a-2

tmux: before 2.9a-2

CPE2.3 External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2020-1119


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###